Alaska USA Federal Credit Union: Information Risk Analyst I

Overview:Reports To: Infrastructure Security SupervisorFunctions Supervised: NonePrimary Functions: Assist with the day-today operations of the Information Risk Management Program. Support the Enterprise Risk Management Program.Duties and ResponsibilitiesDevelop a working knowledge of credit union functions. Maintain policies, procedures and associated plans for the Information Risk Management Program.Assist in the development and maintenance of an information risk assessment schedule.Assist in the maintenance of an information risk register.Conduct risk assessments in accordance with the Information Risk Management ProgramCoordinate efforts to formulate risk mitigation plans based on risk assessment findings.Assist with tracking, measuring, and reporting on the status of risk mitigation plans.Assist with reports and presentations on findings, risk positions, mitigation plans and recommended changes.Recommend ways to manage or reduce information risk and to integrate risk management practices into daily operations. Assist with day-to-day operations of other Security Risk and Compliance processes.Assist with special projects as required.Perform other duties as assigned.Qualifications:Education: Associate or bachelor’s degree in Computer Science, Information Technology, Management Information Systems or a related field: or the equivalent in education and work experience.Creditable Experience in Lieu of Education: Equivalent technical training and certifications required. At least one year’s experience in IT auditing, information security, systems risk management, or related field.Experience/Skills: Familiarity with information security controls and risk management standards such as COBIT, ISO, PCI and NIST. Must have the ability to communicate effectively both orally and via written reports and analysis. Strong analytical, collaboration, organizational, time management and project management skills. Strong initiative and the ability to set and manage priorities and work successfully with minimal supervision. Must manage multiple tasks/projects while maintaining attention to detail. CISA or CRISC certification or equivalent desired.Tenure: Assignment to the Information Risk Analyst I category 10 or Information Risk Analyst II category 09, Information Risk Analyst III category 08 or Senior Information Risk Analyst category 07 will be determined by the candidate’s education or experience. Advancement requires management recommendation and will be based on the candidate’s certifications and/or performance.Equal Opportunity Employer